-
Audio deepfakes: Celebrity-endorsed giveaway scams and fraudulent investment opportunities flood social media platforms
Bitdefender Labs has been keeping up with the latest modus operandi of cybercrooks who adapt emerging technologies to siphon money from consumers. Artificial intelligence is just one of the many tools that help in the creation and successful dissemination of online schemes to extort money and sensitive information. This paper focuses on voice cloning (audio…
-
Details on Apple’s Shortcuts Vulnerability: A Deep Dive into CVE-2024-23204
CVE-2024-23204 sheds light on the critical importance of continuous security vigilance. Apple’s Shortcuts application, designed to enhance user automation, can inadvertently become a potential vector for privacy breaches. This analysis aims to provide users, developers, and security professionals with insights into the nature of the vulnerability, its potential impact, and recommended mitigation measures. At a…
-
New macOS Backdoor Written in Rust Shows Possible Link with Windows Ransomware Group
UPDATE: Following our initial release, we have been contacted by our fellow researchers at Jamf who were able to identify three more samples that act like first-stage payloads. They are responsible for downloading the backdoor: * e7cab6f2be47940bf36e279bbec54ec7 – Jobinfo.app.zip * 26d6a7e3507edf9953684d367dcd44bd – Jobinfo.zip * 775851f86cbde630808ff6d2cf8cedbf – Jobinfo.zip Combined with information in our previous research, the…
-
Stream-Jacking 2.0: Deep fakes power account takeovers on YouTube to maximize crypto-doubling scams
As of October 2023, researchers at Bitdefender Labs have been actively keeping tabs on steam-jacking attacks against high-profile YouTube accounts used to conduct a myriad of crypto doubling scams. Fast forward to 2024; our investigation into the fraudulent takeovers and usage of YouTube accounts has rendered new findings, as financially motivated threat actors meticulously evolve…
-
Investigating Worldwide SMS Scams, and Tens of Millions of Dollars in Fraud
SMS services remain a critical part of telecommunications; they don’t require Internet access, and companies use them to inform their customers. This combination of features makes them incredibly useful for criminals who use the technology as a stepping stone in their never-ending campaigns. And if you think that the new RCS messaging standard will offer…
-
Unveiling Hidden Connections: JA4 Client Fingerprinting on VirusTotal
VirusTotal has incorporated a powerful new tool to fight against malware: JA4 client fingerprinting. This feature allows security researchers to track and identify malicious files based on the unique characteristics of their TLS client communications. JA4: A More Robust Successor to JA3 JA4, developed by FoxIO, represents a significant advancement over the older JA3 fingerprinting…
-
Important Update: IP Address Change for VirusTotal
We’re making a change to the IP address for www.virustotal.com. If you’re currently whitelisting our IP address in your firewall or proxy, you’ll need to update your rules to maintain access to VirusTotal. Starting November 25th, we’ll be gradually transitioning the resolution of www.virustotal.com to a new IP address: 34.54.88.138. If you have hardcoded the…
-
VirusTotal AI-Generated Conversations: Threat Intel Made Easy
At VirusTotal, we’re constantly exploring new ways to make threat intelligence more digestible and available to a wider audience. Our latest effort leverages the power of AI to create easily understood audio discussions from technical information. Using Google NotebookLM’s innovative Audio Overview feature, we’re transforming technical content into accessible audio experiences to make threat intelligence…
-
VirusTotal += Huorong
We welcome Huorong anti-malware engine to VirusTotal. In the words of the company: “Huorong is a Chinese information security company founded in 2011, which has been committed to the research and development of endpoint security products. Huorong anti-malware engine utilizes a builtin virtual sandbox to achieve generic scanning, generic unpacking and malicious behavior analysis capabilities.…
-
Exploring the VirusTotal Dataset | An Analyst’s Guide to Effective Threat Research
By Aleksandar Milenkoski (SentinelOne) and Jose Luis Sánchez Martínez VirusTotal stores a vast collection of files, URLs, domains, and IPs submitted by users worldwide. It features a variety of functionalities and integrates third-party detection engines and tools to analyze the maliciousness of submitted artifacts and gather relevant related information, such as file properties, domain registrars,…